@Raekh said:
@Caracal For low level people “enum enum enum” doesn’t help. If it’s something we missed, okay. But I’ve been sitting in the l*g folder for a while, and I simply don’t have knowledge to distinguish what I can use or not. I’ve tried getting the authors to hydra, hijacking the cookies, but nothing.
It’s not about low level people. If you found the file, i say “enum,enum,enum” because it should be clear what you have to do and how to do it.
It’s not even about level, but more about clearness, you have a CVE, you need password, and if you have that file, it’s just about enum, and it’s clearly impossible to give a clue, without spoiling that part.
You don’t need to hijack anything, you don’t need to bruteforce creds.
For foothold:
- If you don’t have it, common list will help you to get to it.
- If you have it, just search what you need in it.